Since losing more than 272,000 customer records of email addresses and physical addresses, Ledger has had a difficult time, Bitcoin has never been so popular. This week the French startup learned, as if that wasn’t enough, that another leak had occurred last year. It would still affect the customer base but would have been caused by its partner Shopify.
Ledger has released an update on the situation that includes an update on this new leak, detailed history from last December, and conclusions about the changes the company would make to the way it manages personal data. . In addition, Ledger created a 10-bitcoin BTC address (that’s over $ 370,000) as a bonus for anyone helping the startup identify the bad guys in the first (and biggest) attack that would cost them the money can cause skin.
To limit the break, Ledger seems to have decided to drown the piece a little: a new leak was nonetheless uncovered this week affecting his customers. However, it is not of the same nature as the previous one. According to the startup, this was a leak after a series of issues its ecommerce service partner, Shopify, experienced.
“On December 23, 2020, we received a notification from Shopify about a merchant data incident in which fraudulent members of their support team received transaction records from customers, including Ledger. Agent (s) illegally exported customer transaction records in April and June 2020. ” writes Ledger and adds that “As of December 21, 2020, Shopify had not discovered that Ledger was also affected by this attack. Shopify lets us know that they have hired experts and lawyers. “
The “transaction records” in question, in turn, relate to the purchase forms for his product, the nano-key, a physical wallet for storing cryptocurrencies. The two companies transparently recognize that email addresses, postal addresses, telephone numbers and the first and last name of contacts have been disclosed to up to 20,000 files. According to the report, the leak would increase between April and June 2020.
10 Bitcoin Bonus and Security Measures
The consequences of this new bug have certainly already occurred for the affected customers. The information has been leaked for some time. As always, it is important to remember that 24-word secret codes must not be given to Ledger to anyone, under any circumstances, via text or email.
Now Ledger realizes that many customers will be very disappointed with such a mishap and fear for their wallets. The French company finally gave a first concrete element as a lesson for the next few days: the platform wants to delete customer information as soon as possible when placing an order in order to prevent this information from being hacked. .
Also read: How to declare your cryptocurrencies in 2021
In addition, proactive security or technical order messages are only transmitted via the Ledger Live app. This means that Ledger’s email or other alternative means of communication will be kept to a minimum – just for marketing messages of product announcements. Nothing that wouldn’t look directly at the customer’s account to make phishing emails and any other scam easier to spot.
Finally, Ledger has just created the BTC address (bc1qappeev2uut3md3622wtmxllwtn7ctqdhwv0xsc), which is an amount of 10 bitcoins (currently around $ 385,000) investigation behind the July data leak that worsened in December. The company states that the award is given for information collected legally.